← Back

Xyhcms Project

xyhcms_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Xyhcms
xyhcms
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-10128
1Xyhcms Project
1Xyhcms
Nov 21, 2024
Apr 16, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php.
CVE-2018-10127
1Xyhcms Project
1Xyhcms
Nov 21, 2024
Apr 16, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g=Manage&m=Rbac&a=addUser request, resulting in addition of an account with the administrator role.